-
Example - cncf-3.keycloack has project licenses like `Apache-2.0 (ASF header)` which are not valid.
This can be worked around by creating a LicenseRef for project licenses, but it would be much bet…
-
### Description
With #3897, a new SPDX license list version has been added to SCTK, namely version 3.25.0. In the meantime, `license-expression` still uses version 3.23.0: https://github.com/aboutc…
-
### Is there an existing issue for this?
- [X] I have searched the existing issues
### Is your feature request related to a problem? Please describe the problem.
By using a license url external too…
-
Following up from https://github.com/aboutcode-org/scancode-toolkit/issues/3954
There should be a daily/weekly cron job to:
* Update the licenses db from https://github.com/aboutcode-org/scancod…
-
Repo: https://github.com/DefectDojo/django-DefectDojo
```
docker pull ghcr.io/appthreat/cdxgen-python:v10
```
```
docker run --rm -e CDXGEN_DEBUG_MODE=debug -v /tmp:/tmp -v $(pwd):/app -it gh…
-
For the following JAR files:
```
converter-moshi-2.9.0.jar
retrofit-2.9.0.jar
unit-api-2.0.jar
jai_core-1.1.3.jar
jstl-1.2.jar
aspectjweaver-1.9.7.jar
postgresql-42.2.25.jar
spring-boot-2.5.1…
-
### Summary
I wish for the nuget packages to have the licence expression property set correctly
### Details
The licence expression property should be set to the correct licence type I.e. Apache…
-
Package | Version | License | Issue Type
-- | -- | -- | --
ryu | 1.0.16 | Apache-2.0 OR BSL-1.0 | Incompatible License
We reject the BSL-1.0 license, so I was confused why this Rust crate was get…
-
Apache license file contains just short notice to be used in source files. Not a full license text, which it should.
I think it should be replaced with file obtained from URL: https://www.apache.or…
-
**Expected:**
should be able to call patch /curate with payload include valid license expressions
**Observed:**
Error message:
`{"errors": [[{"message": "Invalid license in curation","error": "…